4 * physical_exam edit_diagnoses.php
7 * @link http://www.open-emr.org
8 * @author Rod Roark <rod@sunsetsystems.com>
9 * @author Brady Miller <brady.g.miller@gmail.com>
10 * @copyright Copyright (c) 2006 Rod Roark <rod@sunsetsystems.com>
11 * @copyright Copyright (c) 2019 Brady Miller <brady.g.miller@gmail.com>
12 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
15 require_once(__DIR__
. "/../../globals.php");
17 use OpenEMR\Common\Acl\AclMain
;
18 use OpenEMR\Common\Csrf\CsrfUtils
;
19 use OpenEMR\Core\Header
;
// lineid comes straight from the request and is untrusted. No presence or format check is
// visible in this listing, and nothing shown ties the id to the current patient or encounter.
21 $line_id = $_REQUEST['lineid'];
// NOTE(review): $issue is not assigned in any line shown here. If nothing sets it, the &&
// short-circuits, aclCheckCore() is never called, and this guard restricts no one.
// Confirm where $issue comes from; if it is never set, drop the "$issue &&" operand so the
// patients/med write check runs on every request.
24 if ($issue && !AclMain
::aclCheckCore('patients', 'med', '', 'write')) {
25 die("Edit is not authorized!");
30 <title
><?php
echo xlt('Edit Diagnoses for');?
><?php
echo text($line_id); ?
></title
>
32 <?php Header
::setupHeader('opener'); ?
>
36 <body
class="body_top">
38 // If we are saving, then save and close the window.
// NOTE(review): form_save is read without an isset()/empty() guard, so a request that does
// not post the form reads an array key that may be absent.
40 if ($_POST['form_save']) {
// The posted csrf_token_form value must verify before any write below is reached.
41 if (!CsrfUtils
::verifyCsrfToken($_POST["csrf_token_form"])) {
42 CsrfUtils
::csrfNotVerified();
// Replace-all save: the stored diagnoses for this line_id are deleted, then the posted rows
// are inserted again. line_id is bound through the ? placeholder, not concatenated into SQL.
// NOTE(review): no transaction is visible around the DELETE and the INSERT loop; a failure
// part-way through would leave the line with fewer diagnoses than before - confirm.
45 $query = "DELETE FROM form_physical_exam_diagnoses WHERE line_id = ?";
46 sqlStatement($query, array($line_id));
// NOTE(review): form_diagnosis and form_ordering are iterated and indexed as arrays without
// an is_array() or key-exists check, and ordering is not cast to int in the lines shown.
// The values are handed to sqlStatement() as a bind array; the VALUES clause of the INSERT
// is not visible in this listing.
48 $form_diagnoses = $_POST['form_diagnosis'];
49 $form_orderings = $_POST['form_ordering'];
50 foreach ($form_diagnoses as $i => $diagnosis) {
52 $ordering = $form_orderings[$i];
53 $query = "INSERT INTO form_physical_exam_diagnoses (
54 line_id, ordering, diagnosis
58 sqlStatement($query, array($line_id, $ordering, $diagnosis));
62 // Close this window and redisplay the updated encounter form.
// $info_msg is passed through js_escape() before it is written into the inline script;
// where it is assigned is not among the lines shown.
66 echo " alert(" . js_escape($info_msg) . ");\n";
69 echo " window.close();\n";
70 // echo " opener.location.reload();\n";
// Ask the opener to refresh only when it exposes a refreshme() function.
71 echo " if (opener.refreshme) opener.refreshme();\n";
72 echo "</script></body></html>\n";
// Query text for loading this line's stored diagnoses in display order. line_id is a ?
// placeholder; the call that receives this SQL and its bind values is not shown here.
77 "SELECT * FROM form_physical_exam_diagnoses WHERE " .
78 "line_id = ? ORDER BY ordering, diagnosis",
82 <form method
='post' name
='theform' action
='edit_diagnoses.php?lineid=<?php echo attr_url($line_id); ?>'
83 onsubmit
='return top.restoreSession()'>
84 <input type
="hidden" name
="csrf_token_form" value
="<?php echo attr(CsrfUtils::collectCsrfToken()); ?>" />
88 <table border
='0' width
='100%'>
91 <td width
='5%'><?php
echo xlt('Order'); ?
></td
>
92 <td width
='95%'><?php
echo xlt('Diagnosis'); ?
></td
>
95 <?php
// One editable row per diagnosis fetched from $dres. The ordering box is pre-filled with the
// running counter $i, which starts at 1, rather than with a stored ordering column.
// The field index and the stored diagnosis text are both emitted through attr() because they
// land inside HTML attribute values. maxlength on these inputs is a browser-side hint only.
for ($i = 1; $drow = sqlFetchArray($dres); ++
$i) { ?
>
97 <td
><input type
='text' size
='3' maxlength
='5' name
='form_ordering[<?php echo attr($i); ?>]' value
='<?php echo attr($i); ?>' /></td
>
98 <td
><input type
='text' size
='20' maxlength
='250' name
='form_diagnosis[<?php echo attr($i); ?>]' value
='<?php echo attr($drow['diagnosis
']); ?>' style
='width:100%' /></td
>
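102 <?php
// Append five blank rows so new diagnoses can be entered. $i is not reset here, so it carries
// on from its value after the stored-row loop and the form_ordering[] / form_diagnosis[]
// indexes stay unique across both loops.
// The pre-filled ordering value now goes through attr() like every other attribute value in
// this form. $i is an integer counter, so this is about keeping the escaping uniform rather
// than closing a known injection.
for ($j = 0; $j < 5; ++
$j, ++
$i) { ?
>
104 <td
><input type
='text' size
='3' name
='form_ordering[<?php echo attr($i); ?>]' value
='<?php echo attr($i); ?>' /></td
>
105 <td
><input type
='text' size
='20' name
='form_diagnosis[<?php echo attr($i); ?>]' style
='width:100%' /></td
>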
112 <input type
='submit' name
='form_save' value
='<?php echo xla('Save
'); ?>' />
115 <input type
='button' value
='<?php echo xla('Cancel
'); ?>' onclick
='window.close()' />